CVE-2025-10966
CVE Details
Visit the official vulnerability details page for CVE-2025-10966 to learn more.
Initial Publication
11/07/2025
Last Update
01/20/2026
Third Party Dependency
curl
NIST CVE Summary
curl's code for managing SSH connections when SFTP was done using the wolfSSH powered backend was flawed and missed host verification mechanisms.
This prevents curl from detecting MITM attackers and more.
CVE Severity
Our Official Summary
Investigation is ongoing to determine how this vulnerability affects our products.
Status
Analyzed
Affected Products & Versions
| Version | PaletteAI | PaletteAI VerteX |
|---|---|---|
| 0.7.1 | ⚠️ Impacted | ⚠️ Impacted |
| 0.6.6 | ⚠️ Impacted | ⚠️ Impacted |
| 0.5.11 | ⚠️ Impacted | ⚠️ Impacted |
Revision History
No revisions available.